LONDON (AP) — Keir Giles’ first thought was that the man’s cheap-looking suit didn’t seem right for a private equity executive. The man seated in front of him at the London hotel claimed to live in Hong Kong, but didn’t seem overly familiar with the city. Then there was the awkward conversation, which kept returning to one topic in particular: the Russian antivirus firm Kaspersky Lab.

He also asked Giles to repeat himself or speak louder so persistently that Giles said he began wondering “whether I should be speaking into his tie or his briefcase or wherever the microphone was.”

“He was drilling down hard on whether there had been any ulterior motives behind negative media commentary on Kaspersky,” said Giles, a Russia specialist with London’s Chatham House thinktank who often has urged caution about Kaspersky’s alleged Kremlin connections. “The angle he wanted to push was that individuals — like me — who had been quoted in the media had been induced by or motivated to do so by Kaspersky’s competitors.”

The Associated Press has learned that the mysterious man, who said his name was Lucas Lambert, spent several months last year investigating critics of Kaspersky Lab, organizing at least four meetings with cybersecurity experts in London and New York.

Giles said he met with Lambert twice last year, ostensibly to discuss Giles speaking at a cybersecurity conference that Lambert’s company was organizing. But Lambert seemed far more interested in finding out whether anyone had been paid to publicly undermine Kaspersky.

Kaspersky Lab declined to answer questions from the AP about whether it had any involvement with the meetings.

The operation targeting Giles and others came at a sensitive time for the Moscow-based company, which boasts one of the world’s most popular consumer antivirus products and a research unit widely respected for routinely exposing elite hacking groups.

U.S. officials had occasionally expressed wariness about the firm over the years, but criticism of the company intensified in the aftermath of Russian intervention in the 2016 presidential election.

U.S. lawmakers began calling for restrictions on Kaspersky, contending that a Russian firm could not be trusted to keep American networks safe, and the U.S. Department of Homeland Security ordered federal agencies to remove the firm’s antivirus software from their computers. Congress later passed legislation banning the software from government networks.

By the time Giles met with Lambert, Kaspersky was suing the U.S. government over its decision, arguing that it never helped hackers and was being “considered guilty until proven innocent.” U.S. judges have since dismissed the lawsuit.

The AP learned that Lambert also targeted Michael Daniel, who served as former president Barack Obama’s cybersecurity czar, though it is unclear whether he actually managed to meet with Daniel.

In an email exchange with the AP, Lambert insisted that he and his company were genuine, but he did not reply to follow-up questions about the multiple discrepancies in his story or make himself available for an interview. The AP could find no evidence of the existence of the firm Lambert said he worked for, Tokyo- and Hong Kong-based NPH Investments.

Research by Citizen Lab, an internet watchdog group based at the University of Toronto’s Munk School, suggests the Lucas Lambert operation is linked to an almost identical one involving a man calling himself Michel Lambert. Michel’s bungled attempt in a Manhattan restaurant to entrap John Scott-Railton, a senior researcher at the lab, was caught on camera by AP reporters two months ago.

The two Lamberts appear to be different individuals. A few days after the AP published Michel Lambert’s photo, he was outed as former Israeli intelligence officer Aharon Almog-Assouline. In a Canadian court filing , a Toronto attorney said Assouline “bears a striking similarity” to a man he identified as an operative for Black Cube, an Israeli private intelligence firm.

Black Cube has denied any connection to the operation targeting Citizen Lab or to Michel Lambert. Its Israeli law firm, Cassouto & Co., said in a letter that it had absolutely no link to Lucas Lambert either.

“Black Cube denies it ever worked — directly or indirectly — for or on behalf of Kaspersky Lab,” the letter said. “Black Cube also denies any involvement with an undercover operative going by the alias ‘Lucas Lambert.’ Black Cube does not know who ‘Lucas Lambert’ is and never heard this name.”

Giles said that Lucas Lambert first reached out to him in an April 30, 2018, email , saying he wanted to discuss a private investor conference being organized by his company. He said NPH’s clients wanted to know more about the overlap between cybersecurity companies and governments, offering Giles — who regularly gives lectures — $10,000 to deliver a keynote speech.

Giles said he agreed to meet on May 10 to discuss the idea. And while the pair did discuss the potential speaking engagement, Giles said Lambert also quizzed him on his attitude toward Kaspersky.

Giles had given interviews suggesting Kaspersky’s claims to be a neutral player should be taken with a grain of salt, saying it wouldn’t be unusual for the company to cooperate with Russian spies in the same way that U.S. companies have in the past been caught giving discreet assistance to the National Security Agency.

Even if Kaspersky itself resisted such cooperation, Giles said, “individual employees of the company in Russia can be subverted with great ease.”

At their meeting, Giles said, Lambert sounded him out on those criticisms, asking him whether doubts about Kaspersky were being sown by industry rivals jealous of the company’s success. Lambert also asked if Giles and others were being induced by anyone to denigrate the company in the media.

“I told him repeatedly that that was not the reason,” Giles said.

Giles said he exited the meeting with mixed feelings: Lambert’s backstory raised some flags, but he seemed knowledgeable about cybersecurity. So when Lambert asked if Giles could recommend anyone else for the conference, he put him in touch with an American cybersecurity expert he knew.

In an email exchange with his U.S. colleague, Giles said the conference could be an opportunity for them both to earn money and enjoy some dim sum in Hong Kong. But he added an important caveat.

“I have no guarantees this is a legit operation,” Giles wrote, explaining that he could find no one who had heard of NPH Investments.

“I’m proceeding with mild caution,” he said.

An AP search of Japan’s National Tax Agency database found no record of NPH Investments. And while there is a company called NPH Investments Limited based in Hong Kong — the company Lambert claimed to work for when challenged by the AP — corporate records show that it’s registered at a different address than the one displayed on Lambert’s business card and on NPH’s website. The registered owner of NPH Investments Limited did not return a message from the AP.

A receptionist at the Wharf T&T Centre in Hong Kong, the address Lambert claimed to work from, told an AP reporter that the company was not listed in the building’s directory. The management at Tokyo’s Nishi Shinjuku-Takagi Building, where Lambert also claimed to have an office, said they found no trace of the firm.

The website of Lambert’s NPH also is strikingly similar to a number of fake sites recently used to target cybersecurity researchers at Citizen Lab.

Scott-Railton, one of the researchers, said the sites followed the same domain registration pattern, used off-the-shelf designs from an Israeli firm called Wix and were connected to a web of LinkedIn profiles featuring black-and-white or oddly angled photographs of men and women wearing sunglasses.

“Whoever created the NPH Investments identity was drawing from the same playbook,” Scott-Railton said.

Giles said his suspicions about NPH deepened after his second meeting with Lambert on June 6. Lambert asked the same questions all over again, he said, complete with the requests to repeat himself and talk loudly. The only variation was when Lambert falsely claimed that Giles had told him Kaspersky’s critics had been paid to slam the company in the media.

“That removed my remaining doubts that this was to hear — and possibly record — my comments on Kaspersky,” Giles said. “He was plainly hoping for an admission by me that either I or others had been working on behalf of other cybersecurity companies to reduce Kaspersky’s business.”

Meanwhile, the U.S. cybersecurity expert that Giles recommended had also met Lambert, sitting down at the Ritz-Carlton Hotel in New York on May 31. There, and at a second meeting with the expert on July 10, Lambert also touched on criticisms of Kaspersky.

“He brought it up more than once,” the cybersecurity expert said, speaking on condition of anonymity because his employer had asked him not to identify himself publicly. “He asked whether economic competitors were trying to gin up the security threat.”

In his conversations with Giles and the U.S. expert, Lambert appeared particularly eager to meet with Michael Daniel, who was White House cybersecurity coordinator between 2012 and 2017, asking both men for Daniel’s contact details.

Neither was able to provide an introduction, but Lambert claimed to have made contact. In an email obtained by AP, he said he met with Daniel last September and labeled the get-together a success.

But the Cyber Threat Alliance , a mainly American organization that Daniel now leads and is devoted to sharing intelligence about digital threats, said the former White House official had no recollection of any suspicious meetings. The alliance added that Daniel “has assumed he is a potential target for these kinds of operatives since he started in the White House seven years ago.”

A motive for targeting Daniel is unclear.

In April 2017, Kaspersky had expressed an interest in joining Daniel’s Washington-based group, according to a former U.S. intelligence official briefed on the discussions, who spoke on condition of anonymity because he wasn’t authorized to discuss the matter publicly. The former official said the sporadic communications went nowhere, petering out in February 2018, two months before Giles received his first email from Lambert.

The alliance said it did not comment on membership discussions.

A few weeks after he claimed to have met Daniel, Lambert’s operation appears to have wound down. He wrote Giles on Oct. 15 to tell him the conference would have to be postponed because a major client had “an unplanned board meeting.”

Giles remembers feeling relieved that the surreal episode was over.

“This was a kind of go-through-the-mirror experience,” he said, warning others in his position to be on their guard. “It’s really important for us to stay on the right side of the looking glass.”

___

Kin Cheung in Hong Kong and Kaori Hitomi in Tokyo contributed to this report.